In brief Adobe has issued updates to guard against a buffer overflow vulnerability in various versions of its popular Acrobat and Reader software packages. The security bug, which stems from an unspecified boundary error in the core application plug-in, might be used to inject hostile code into vulnerable systems by tricking potential victims into opening a maliciously constructed PDF file.

"If the vulnerability were successfully exploited, the application could crash with an increased risk of arbitrary code execution," Adobe warns. Security clearing house Secunia describes the software flaw as critical. Adobe Reader users on Windows or Mac OS are advised to upgrade to version 7.0.3 or 6.0.4. Acrobat users on Windows or Mac OS are urged to adopt version 7.0.3, 6.0.4 or 5.0.10. Linux or Solaris users of Adobe Reader should step up to version 7.0.1. Adobe's advisory can be found here. ®

Related stories

• Adobe Reader update lances multiple bugs (11 January 2007)
• Adobe scripting flaw unearthed (4 January 2007)
• Adobe puts Acrobat flaw on the critical list (7 December 2006)
• Mac OS X security under scrutiny (1 December 2005)
• Adobe CEO says bloated Microsoft has no heart (23 September 2005)
• Adobe up to the BAR (19 September 2005)
• Adobe joins developer shift (12 September 2005)
• Update Mac OS X security fix breaks 64-bit code (18 August 2005)
• In brief Adobe update quells Unix PDF peril (6 July 2005)
• Adobe patches Acrobat, Reader flaws (17 December 2004)
• Adobe anti-counterfeiting code trips up kosher users (15 January 2004)